osf-cas 23.2.0

Institution support email for selective SSO

osf-cas 23.1.0

Institution Rework Project - CAS Part

• Integrated SSO Identity into Institution SSO
• Disambiguated username, email, mail, eppn and identity
• Supports more customized errors
• Refactored log and exception messages

CASv22.1.0

• Added the institution SSO integration guide
• Synchronized the repo copy of institutions-auth.xsl against helm charts
• Updated local configs for fakeCAS IdP with institution osftype0
• Migrated okstate SSO from CAS to SAML
• Updated readme accordingly

CASv22.0.0

Accessibility fixes

CASv21.3.0

Support institution deactivation and reactivation

newCASv21.2.0

OSF CAS First Production Server Release

See https://github.com/CenterForOpenScience/osf-cas/milestone/5?closed=1

newCASv21.1.0-beta

OSF CAS Feature-complete Release

• OSF CAS as an OAuth 2.0 server
• OSF personal access token, developer apps and OAuth scopes
• Authentication failure throttling
• Customized institution logout
• Institution department
• Overlay template and core libraries upgrade

newCASv21.0.0-alpha

Web Flow Updates, Institution SSO and FE Rework

• Login and logout web flow fixes and improvements
• Fully functional institution SSO, BE and FE
• FE rework and UI / UX improvements
• Institution SSO migration
• Terms of Service consent check
• SonarCube integration

newCASv20.1.0-alpha

OSF CAS second release with FE re-design, BE improvements and DevOps updates

• FE

  • Refactored styles to be consistent with both OSF and oldCAS
  • Rewrote how authentication delegation info is retrieved and used
  • Improved the behavior of inline error messages in login forms
  • Added new / Rewrote existing authentication exception pages
  • Improved UI / UX in responsive mode and on various screen dimensions

• BE

  • Implemented a dedicated OSF CAS login context and a couple of pre-login
    check actions to support ORCiD login and institution SSO
  • Implemented ORCiD sign-up auto-redirect for OSF

• DevOps

  • Updated tomcat server to work with its enclosing Shibboleth server
  • Separated staging / production and local configurations
  • Rewrote cas.properties into a helm charts template
  • Improved build / run / reload for local development

• Other

  • Replaced Apereo branding with COS / OSF in multiple places

newCASv20.0.0-pre-alpha

Basic authentication features for OSF

• Username and password login

• Username and verification key login

• Two-factor authentication

• Long-term authentication

• ORCiD login

Technical details

• JSON service registry

• JPA ticket registry with PostgreSQL

• JPA PostgreSQL authentication backend

• Customized login web flow and authentication including

  • OSF credential and metadata populator
  • OSF non-interactive authentication action
  • OSF PostgreSQL authentication handler
  • Pac4j authentication delegation
  • Two-factor authentication using time-based one-time password
  • Customized authentication exception handling
  • Customized user interface